Skip to content
/ CAShift Public

CAShift: Benchmarking Log-Based Cloud Attack Detection under Normality Shift (FSE 2025)

sites.google.com/view/cashift-bench

License

MIT license
2 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

fish98/CAShift

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

4 Commits
Benchmark
Benchmark
 
 
Dataset
Dataset
 
 
img
img
 
 
.gitignore
.gitignore
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 

Repository files navigation

CAShift: Benchmarking Log-Based Cloud Attack Detection under Normality Shift

This repository contains (1) vulnerability dataset (2) system log collection framework (3) our proposed AE/VAE baselines for benchmarking used in the research paper "CAShift: Benchmarking Log-Based Cloud Attack Detection under Normality Shift". The paper is accepted at The ACM International Conference on the Foundations of Software Engineering (FSE 2025)

Authors: Jiongchi Yu, Xiaofei Xie, Qiang Hu, Bowen Zhang, Ziming Zhao, Yun Lin, Lei Ma, Ruitao Feng, Frank Liauw


Project Website | Conference | Paper (Arxiv)

This repository is not in its final version, certain documentation sections are still being updated.

Overview

Content

The code of this project is organized into two main parts:

  1. The CAShift Dataset Collection Framework
  2. The CAShift Benchmarking Baselines

To directly use the CAShift dataset, please directly visit our shared online drive

The environment setup instructions and detailed usage guidance can be found in the README files located within each corresponding subdirectory.

Community Contributions

We welcome all contributions to improve our dataset, including but not limited to adding new cloud applications, introducing new attack scenarios, and contributing additional baselines, etc. Feel free to submit a pull request :)

Citation

Cite as below if you find this repository is helpful to your project:

@article{yu2025cashift,
    title      = {CAShift: Benchmarking Log-Based Cloud Attack Detection under Normality Shift},
    author     = {Yu, Jiongchi Yu and Xie, Xiaofei and Hu, Qiang and Zhang, Bowen and Zhao, Ziming and Lin, Yun and Ma, Lei and Feng, Ruitao and Liauw, Frank},
    journal    = {Proceedings of the ACM on Software Engineering},
    year       = {2025}
    volume     = {X},
    number     = {FSE},
    pages      = {XXX-XXX},
    publisher  = {ACM New York, NY, USA}
}

Acknowledgement

Many thanks to Ruozhao Yang for the support of the web application-based exploit PoCs, and to Jiahao Ying for providing extra computing servers for the benchmarking experiments.

This research is partially supported by the Lee Kong Chian Fellowship, the National Research Foundation, Singapore, and the Cyber Security Agency under its National Cybersecurity R&D Programme (NCRP25-P04-TAICeN). Any opinions, findings and conclusions or recommendations expressed in this material are those of the author(s) and do not reflect the views of National Research Foundation, Singapore and Cyber Security Agency of Singapore.

About

CAShift: Benchmarking Log-Based Cloud Attack Detection under Normality Shift (FSE 2025)

sites.google.com/view/cashift-bench

Resources

Readme

License

MIT license
Activity

Stars

2 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages